-
Notifications
You must be signed in to change notification settings - Fork 11
Request: Align validations between Cargo and Crates.io #41
Comments
Incidentally, it would be really nice if |
There are a number of open issues for better validation: rust-lang/cargo#4300 rust-lang/cargo#5554 rust-lang/cargo#4377 rust-lang/crates.io#7250. I think there has been some previous talk about sharing some validation code. I'm of the opinion that it would be a good idea to create a new library for this purpose, which contains only very basic validation functions. I think it is unlikely Cargo and crates.io could share something like the Perhaps those limitations means it would not have much value. I would like to hear from others what they think. |
I did a survey of some of the validation done between the two. Of course cargo does lots of other validation that isn't applicable here (profiles, dependencies, etc.). I think it is feasible to create a new package that the two projects share, that would have about 5 to 10 free functions defining some validation. I'm still not sure if it will provide significant maintenance improvements (weighed against the maintenance burden of publishing and coordinating a new package). There are also a lot of judgement calls listed below, as to how Cargo would treat the extra restrictions. Adding a warning to the publish/package step doesn't really help much (just makes
|
Sharing some thoughts from rust-lang/cargo#7256 :
|
Permit '+' in feature name, as in "c++20" Up front: I am familiar with the several discussions linked by rust-lang/crates-io-cargo-teams#41 (comment), and the conversation beginning at #1331 (comment). This PR is not motivated by attempting to match whatever behavior Cargo currently has. Instead, it's a small thing I think we can decide now whether to allow. But it's necessary to say no corresponding Cargo change is required to accommodate this crates.io change. This PR updates feature validation during publish to accept e.g. "c++20" and "dependency/c++20". We continue to not accept "c++20/feature" as the prefix before the slash would normally refer to a crate name of a dependency and a '+' would not be allowed in those. I am interested in using such feature names in https://github.com/dtolnay/cxx. In a Cargo.toml plusses appear as: ```toml [features] default = ["c++20"] "c++20" = ["my-dependency/c++20"] ``` To give some slight further justification for why this particular ascii character above other possible characters we might allow: `+` is pretty common in OS package names in a way that no other currently disallowed character is. Some examples pulled arbitrarily from `apt-cache pkgnames | rg '\+'`: - https://packages.debian.org/buster/dvd+rw-tools - https://packages.debian.org/buster/elpa-ghub+ - https://packages.debian.org/buster/libarpack++2-dev - https://packages.debian.org/buster/libdwarf++0 - https://packages.debian.org/buster/libelf++0 - https://packages.debian.org/buster/magics++ - https://packages.debian.org/buster/memtest86+ - https://packages.debian.org/buster/minisat+ - https://packages.debian.org/buster/paw++ - https://packages.debian.org/buster/swish++ - https://packages.debian.org/buster/vera++ - https://packages.debian.org/buster/voro++ The actual names of the projects contain `+`; various ones in the descriptions in the above links are styled as ARPACK++, Memtest86+, Magics++, Paw++, MinSat+, SWISH++, Vera++, Voro++. When binding to something like this behind a feature, using `+` in the feature name is the most intuitive.
After extensive testing locally and in CI, I finally went to publish to crates.io and received the error:
This is unfortunate as my multi-crate deploy is now in an unfinished state and I have to burn through a version number.
(@carols10cents told me to file this here)
The text was updated successfully, but these errors were encountered: